Jay Paloma's Tech and Music Blog

Sometimes, this writer can no longer distinguish between the two.

Implementing HTTPS on System Center 2012 R2 Configuration Manager – Part 2 Certificate Templates

with one comment

This is Part 2 of the video series on Implementing HTTPS on System Center 2012 R2 Configuration Manager. This discusses the different certificate templates required, creating those templates and then enrolling certificates to  the servers using these templates.

Certificate Templates Required by Configuration Manager

  1. Client Certificate is used by all Configuration Manager clients
  2. Exportable Client Certificate is required for implementing HTTPS on Distribution Points
  3. Web Server Certificate is used by all MPs, DPs, SUPs, RSPs and other Configuration Manager services that use IIS.

Creating the Certificate Templates

  1. Create an Active Directory Global Group and grant Read, Enroll and Autoenroll permissions for each of the 3 templates.
  2. Configure the templates to use Subject Name (not Alternate Name as mentioned in the video) DNS format
  3. Publish the three templates to the CA and restart the Active Directory Certificate Service.

For more details, refer to this article Step-by-Step Example Deployment of the PKI Certificates for Configuration Manager: Windows Server 2008 Certification Authority.



Written by jpaloma

November 22, 2015 at 8:43 PM

One Response

Subscribe to comments with RSS.

  1. […] Create Certificate Templates Required for SCCM […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: